OSSTMM | Open Source Security Testing Methodology Manual |
ZAP | Zed Attack Proxy |
DKIM | Domain Keys Identified Mail |
KPI | Key Performance Indicator |
SAML | Security Assertion Markup Language |
WAF | Web Application Firewall |
XSS | Cross-site Scripting |
MOU | Memorandum of Understanding |
SPF | Sender Policy Framework |
VPN | Virtual Private Network |
APT | Advanced Persistent Threat |
JSON | JavaScript Object Notation |
BIA | Business Impact Analysis |
ACL | Access Control List |
API | Application Programming Interface |
DDoS | Distributed Denial of Service |
DNS | Domain Name Service |
GPO | Group Policy Objects |
SLO | Service-level Objective |
DR | Disaster Recovery |
FIM | File Integrity Monitoring |
MAC | Media Access Control |
SASE | Secure Access Secure Edge |
GDB | GNU Debugger |
SSO | Single Sign-on |
CDN | Content Delivery Network |
CHD | Cardholder Data |
ICS | Industrial Control Systems |
SaaS | Software as a Service |
LOI | Letter of Intent |
LDAPS | Lightweight Directory Access Protocol |
OS | Operating System |
XDR | Extended Detection Response |
XXE | XML External Entity |
IoC | Indicators of Compromise |
SFTP | Secure File Transfer Protocol |
OT | Operational Technology |
NDA | Non-disclosure Agreement |
NIDS | Network-based Intrusion Detection System |
URL | Uniform Resource Locator |
TCP | Transmission Control Protocol |
C2 | Command and Control |
SLA | Service-level Agreement |
SOC | Security Operations Center |
BCP | Business Continuity Plan |
OpenVAS | Open Vulnerability Assessment Scanner |
SDN | Software-defined Networking |
CI/CD | Continuous Integration and Continuous Delivery |
PHP | Hypertext Preprocessor |
MTTR | Mean Time to Repair |
DMARC | Domain-based Message Authentication, Reporting, and Conformance |
MTTD | Mean Time to Detect |
ARP | Address Resolution Protocol |
ISO | International Organization for Standardization |
BGP | Border Gateway Protocol |
SDLC | Software Development Life Cycle |
ITIL | Information Technology Infrastructure Library |
TFTP | Trivial File Transfer Protocol |
HTTPS | Hypertext Transfer Protocol Secure |
PII | Personally Identifiable Information |
XML | Extensible Markup Language |
CVSS | Common Vulnerability Scoring System |
LFI | Local File Inclusion |
NGFW | Next-generation Firewall |
SNMP | Simple Network Management Protocol |
UEBA | User and Entity Behavior Analytics |
DoS | Denial of Service |
HIPS | Host-based Intrusion Prevention System |
SMTP | Simple Mail Transfer Protocol |
VLAN | Virtual LAN |
FTP | File Transfer Protocol |
MSF | Metasploit Framework |
CSRF | Cross-site Request Forgery |
IDS | Intrusion Detection System |
IP | Internet Protocol |
URI | Uniform Resource Identifier |
NTP | Network Time Protocol |
CVE | Common Vulnerabilities and Exposures |
USB | Universal Serial Bus |
MSP | Managed Service Provider |
RCE | Remote Code Execution |
SMB | Server Message Block |
IaaS | Infrastructure as a Service |
ICMP | Internet Control Message Protocol |
SOAR | Security Orchestration, Automation, and Response |
WAN | Wide Area Network |
PCI DSS | Payment Card Industry Data Security Standard |
LAN | Local Area Network |
NAC | Network Access Control |
DLP | Data Loss Prevention |
PID | Process Identifier |
CIS | Center for Internet Security |
MSSP | Managed Security Service Provider |
RFI | Remote File Inclusion |
EDR | Endpoint Detection and Response |
SSRF | Server-side Request Forgery |
HIDS | Host-based Intrusion Detection System |
PAM | Privileged Access Management |
SQL | Structured Query Languge |
MFA | Multifactor Authentication |
RXSS | Reflected Cross-site Scripting |
RDP | Remote Desktop Protocol |
SCADA | Supervisory Control and Data Acquisition |
VM | Virtual Machine |
PLC | Programmable Logic Controller |
SWG | Secure Web Gateway |
CA | Certificate Authority |
AV | Antivirus |
CERT | Computer Emergency Response Team |
PKI | Public Key Infrastructure |
SIEM | Security Information and Event Management |
IPS | Intrusion Prevention System |
OWASP | Open Web Application Security Project |
ZTNA | Zero Trust Network Access |
SSL | Secure Sockets Layer |
STIX | Structured Threat Information Expression |
TRACE | Trade Reporting and Compliance Engine |
TTP | Tactics, Techniques, and Procedures |
COBIT | Control Objectives for Information and Related Technologies |
CSIRT | Cybersecurity Incident Response Team |
IR | Incident Response |
CASB | Cloud Access Security Broker |
POC | Proof of Concept |
REST | Representational State Transfer |
TLS | Transport Layer Security |
BC | Business Continuity |
HTTP | Hypertext Transfer Protocol |
IT | Information Technology |